Filtered by vendor Linux
Subscribe
Total
5865 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0717 | 3 Linux, Microsoft, Opera | 3 Linux Kernel, Windows, Opera Browser | 2024-02-04 | 7.5 HIGH | N/A |
Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | |||||
CVE-1999-0401 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 3.7 LOW | N/A |
A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files. | |||||
CVE-1999-0074 | 4 Freebsd, Linux, Microsoft and 1 more | 4 Freebsd, Linux Kernel, Windows Nt and 1 more | 2024-02-04 | 6.4 MEDIUM | N/A |
Listening TCP ports are sequentially allocated, allowing spoofing attacks. | |||||
CVE-2003-0465 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks. | |||||
CVE-2003-1454 | 4 Invision Power Services, Linux, Microsoft and 1 more | 4 Invision Board, Linux Kernel, All Windows and 1 more | 2024-02-04 | 5.0 MEDIUM | N/A |
Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. | |||||
CVE-2001-0914 | 2 Linux, Suse | 2 Linux Kernel, Suse Linux | 2024-02-04 | 2.1 LOW | N/A |
Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading. | |||||
CVE-2004-0596 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference. | |||||
CVE-2003-0246 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 3.6 LOW | N/A |
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. | |||||
CVE-1999-0381 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
super 3.11.6 and other versions have a buffer overflow in the syslog utility which allows a local user to gain root access. | |||||
CVE-2004-0495 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2024-02-04 | 7.2 HIGH | N/A |
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool. | |||||
CVE-2001-1399 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86." | |||||
CVE-2004-0010 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges. | |||||
CVE-2004-0447 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS. | |||||
CVE-2000-0006 | 2 Linux, Paul Kranenburg | 2 Linux Kernel, Strace | 2024-02-04 | 2.6 LOW | N/A |
strace allows local users to read arbitrary files via memory mapped file names. | |||||
CVE-2004-1144 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.2 HIGH | N/A |
Unknown vulnerability in the 32bit emulation code in Linux 2.4 on AMD64 systems allows local users to gain privileges. | |||||
CVE-2002-1571 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors that do not clear all relevant SSE registers. | |||||
CVE-2003-0476 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors. | |||||
CVE-1999-1018 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 7.5 HIGH | N/A |
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets. | |||||
CVE-2004-0178 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes. | |||||
CVE-2001-1392 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 2.1 LOW | N/A |
The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers. |